Bump the npm_and_yarn group across 4 directories with 6 updates by dependabot[bot] · Pull Request #36 · danbao/testring

dependabot · 2025-07-29T06:59:35Z

Bumps the npm_and_yarn group with 5 updates in the / directory:

Package	From	To
ws	`8.18.0`	`8.18.1`
tough-cookie	`4.1.4`	`5.0.0`
chromedriver	`138.0.2`	`138.0.4`
nanoid	`3.3.7`	`3.3.8`
form-data	`4.0.3`	`4.0.4`

Bumps the npm_and_yarn group with 1 update in the /core/utils directory: nanoid.
Bumps the npm_and_yarn group with 2 updates in the /packages/devtool-backend directory: ws and @types/ws.
Bumps the npm_and_yarn group with 1 update in the /packages/http-api directory: tough-cookie.

Updates ws from 8.18.0 to 8.18.1

Release notes

Sourced from ws's releases.

8.18.1

Bug fixes

The length of the UNIX domain socket paths in the tests has been shortened to make them work when run via CITGM (021f7b8b).

Commits

b92745a [dist] 8.18.1
b3d9747 [doc] Fix nit
021f7b8 [test] Shorten the path lengths
b9ca55b [pkg] Update eslint-config-prettier to version 10.0.1
c798dd4 [doc] Fix typo (#2271)
6861472 [ci] Test on node 23
019f28f [minor] Improve JSDoc-inferred types (#2242)
bfe1b2a [doc] Remove unnecessary period (#2240)
f7dc469 [doc] Fix the type of the data argument
See full diff in compare view

Updates tough-cookie from 4.1.4 to 5.0.0

Release notes

Sourced from tough-cookie's releases.

v5.0.0

Summary

Breaking Changes

We've migrated the project to TypeScript! First-party types are now available.

The minimum supported version of node is v18.

We no longer provide official support for non-node enviroments.

API Changes

We've standardized most of our exposed interfaces to accept both null and undefined and return only undefined.

getCookie and getCookies now accept a string or URL as a parameter.

We've removed the inspect function in favor of node's util.inspect.custom symbol. Cookies may appear different when logged in non-node environments.

Other Changes

Fixed the expiry time not updating when a cookie is updating.

Fixed validation errors not getting called in some callbacks.

New documentation that is always kept up to date!

Performance improvements.

What's Changed

Typescript support by @colincasey in salesforce/tough-cookie#264

[v5] Update config by @wjhsf in salesforce/tough-cookie#269

Fix prettier in eslint config by @wjhsf in salesforce/tough-cookie#274

Updated dev tooling by @colincasey in salesforce/tough-cookie#271

Port 283 fix to v5 by @colincasey in salesforce/tough-cookie#287

Remove some @ts-ignore directives. by @wjhsf in salesforce/tough-cookie#288

Clean up validate function. by @wjhsf in salesforce/tough-cookie#275

Changes to support full eslint rule configurations by @colincasey in salesforce/tough-cookie#289

Split giant cookie.ts into multiple files. by @wjhsf in salesforce/tough-cookie#296

Merge branch 'master' into v5 by @wjhsf in salesforce/tough-cookie#300

Merge v5 into master by @colincasey in salesforce/tough-cookie#303

Preparing for release 5.0.0-rc.0 by @colincasey in salesforce/tough-cookie#304

Bump @babel/traverse from 7.21.3 to 7.23.2 by @dependabot in salesforce/tough-cookie#305

Configure dependabot and codeowners by @colincasey in salesforce/tough-cookie#306

Bump @typescript-eslint/parser from 5.58.0 to 5.62.0 by @dependabot in salesforce/tough-cookie#310

Bump eslint-config-prettier from 8.8.0 to 9.0.0 by @dependabot in salesforce/tough-cookie#311

Bump async from 2.6.4 to 3.2.4 by @dependabot in salesforce/tough-cookie#313

Avoid using arguments by @wjhsf in salesforce/tough-cookie#316

Configure dependabot to ignore @types/node. by @wjhsf in salesforce/tough-cookie#319

Bump dependencies. by @wjhsf in salesforce/tough-cookie#323

Bump the dev-dependencies group with 6 updates by @dependabot in salesforce/tough-cookie#342

Bump the dev-dependencies group with 1 update by @dependabot in salesforce/tough-cookie#344

Bump the dev-dependencies group with 3 updates by @dependabot in salesforce/tough-cookie#347

docs: use correct memstore file link by @alissonsleal in salesforce/tough-cookie#349

Bump the dev-dependencies group with 3 updates by @dependabot in salesforce/tough-cookie#351

Bump the dev-dependencies group with 2 updates by @dependabot in salesforce/tough-cookie#354

Fix expiry time not updating when cookie is updated by @colincasey in salesforce/tough-cookie#345

Change dependabot to monthly by @wjhsf in salesforce/tough-cookie#355

Bump the dev-dependencies group with 5 updates by @dependabot in salesforce/tough-cookie#358

... (truncated)

Commits

7ed1b8a Merge pull request #451 from salesforce/prepare_v5
cbaa1a5 Prepare v5 release
57b534c 5.0.0
2e6b3f4 Bump eslint from 8.57.0 to 9.9.1 (#449)
b72cdb2 Bump the dev-dependencies group with 2 updates (#448)
93d550b upgrade typescript-eslint to 8.0.1 (#440)
07a7a4d Bump the dev-dependencies group with 6 updates (#444)
9b78073 Bump tldts from 6.1.37 to 6.1.41 in the production-dependencies group (#443)
25a769c Bump the dev-dependencies group across 1 directory with 6 updates (#439)
99dab1b Bump tldts from 6.1.32 to 6.1.37 in the production-dependencies group (#436)
Additional commits viewable in compare view

Updates chromedriver from 138.0.2 to 138.0.4

Commits

013708b Bump version to 138.0.4
18e19ed Bump version to 138.0.3
See full diff in compare view

Updates nanoid from 3.3.7 to 3.3.8

Changelog

Sourced from nanoid's changelog.

3.3.8

Fixed a way to break Nano ID by passing non-integer size (by @myndzi).

Commits

3044cd5 Release 3.3.8 version
4fe3495 Update size limit
d643045 Fix pool pollution, infinite loop (#510)
See full diff in compare view

Updates form-data from 4.0.3 to 4.0.4

Release notes

Sourced from form-data's releases.

v4.0.4

v4.0.4 - 2025-07-16

Commits

[meta] add auto-changelog 811f682

[Tests] handle predict-v8-randomness failures in node < 17 and node > 23 1d11a76

[Fix] Switch to using crypto random for boundary values 3d17230

[Tests] fix linting errors 5e34080

[meta] actually ensure the readme backup isn’t published 316c82b

[Dev Deps] update @ljharb/eslint-config 58c25d7

[meta] fix readme capitalization 2300ca1

Changelog

Sourced from form-data's changelog.

v4.0.4 - 2025-07-16

Commits

[meta] add auto-changelog 811f682

[Tests] handle predict-v8-randomness failures in node < 17 and node > 23 1d11a76

[Fix] Switch to using crypto random for boundary values 3d17230

[Tests] fix linting errors 5e34080

[meta] actually ensure the readme backup isn’t published 316c82b

[Dev Deps] update @ljharb/eslint-config 58c25d7

[meta] fix readme capitalization 2300ca1

Commits

41996f5 v4.0.4
316c82b [meta] actually ensure the readme backup isn’t published
2300ca1 [meta] fix readme capitalization
811f682 [meta] add auto-changelog
5e34080 [Tests] fix linting errors
1d11a76 [Tests] handle predict-v8-randomness failures in node < 17 and node > 23
58c25d7 [Dev Deps] update @ljharb/eslint-config
3d17230 [Fix] Switch to using crypto random for boundary values
See full diff in compare view

Updates nanoid from 3.3.7 to 3.3.8

Changelog

Sourced from nanoid's changelog.

3.3.8

Fixed a way to break Nano ID by passing non-integer size (by @myndzi).

Commits

3044cd5 Release 3.3.8 version
4fe3495 Update size limit
d643045 Fix pool pollution, infinite loop (#510)
See full diff in compare view

Updates ws from 8.18.0 to 8.18.3

Release notes

Sourced from ws's releases.

8.18.1

Bug fixes

The length of the UNIX domain socket paths in the tests has been shortened to make them work when run via CITGM (021f7b8b).

Commits

b92745a [dist] 8.18.1
b3d9747 [doc] Fix nit
021f7b8 [test] Shorten the path lengths
b9ca55b [pkg] Update eslint-config-prettier to version 10.0.1
c798dd4 [doc] Fix typo (#2271)
6861472 [ci] Test on node 23
019f28f [minor] Improve JSDoc-inferred types (#2242)
bfe1b2a [doc] Remove unnecessary period (#2240)
f7dc469 [doc] Fix the type of the data argument
See full diff in compare view

Updates @types/ws from 8.5.12 to 8.18.1

Commits

See full diff in compare view

Updates tough-cookie from 4.1.4 to 5.1.2

Release notes

Sourced from tough-cookie's releases.

v5.0.0

Summary

Breaking Changes

We've migrated the project to TypeScript! First-party types are now available.

The minimum supported version of node is v18.

We no longer provide official support for non-node enviroments.

API Changes

We've standardized most of our exposed interfaces to accept both null and undefined and return only undefined.

getCookie and getCookies now accept a string or URL as a parameter.

We've removed the inspect function in favor of node's util.inspect.custom symbol. Cookies may appear different when logged in non-node environments.

Other Changes

Fixed the expiry time not updating when a cookie is updating.

Fixed validation errors not getting called in some callbacks.

New documentation that is always kept up to date!

Performance improvements.

What's Changed

Typescript support by @colincasey in salesforce/tough-cookie#264

[v5] Update config by @wjhsf in salesforce/tough-cookie#269

Fix prettier in eslint config by @wjhsf in salesforce/tough-cookie#274

Updated dev tooling by @colincasey in salesforce/tough-cookie#271

Port 283 fix to v5 by @colincasey in salesforce/tough-cookie#287

Remove some @ts-ignore directives. by @wjhsf in salesforce/tough-cookie#288

Clean up validate function. by @wjhsf in salesforce/tough-cookie#275

Changes to support full eslint rule configurations by @colincasey in salesforce/tough-cookie#289

Split giant cookie.ts into multiple files. by @wjhsf in salesforce/tough-cookie#296

Merge branch 'master' into v5 by @wjhsf in salesforce/tough-cookie#300

Merge v5 into master by @colincasey in salesforce/tough-cookie#303

Preparing for release 5.0.0-rc.0 by @colincasey in salesforce/tough-cookie#304

Bump @babel/traverse from 7.21.3 to 7.23.2 by @dependabot in salesforce/tough-cookie#305

Configure dependabot and codeowners by @colincasey in salesforce/tough-cookie#306

Bump @typescript-eslint/parser from 5.58.0 to 5.62.0 by @dependabot in salesforce/tough-cookie#310

Bump eslint-config-prettier from 8.8.0 to 9.0.0 by @dependabot in salesforce/tough-cookie#311

Bump async from 2.6.4 to 3.2.4 by @dependabot in salesforce/tough-cookie#313

Avoid using arguments by @wjhsf in salesforce/tough-cookie#316

Configure dependabot to ignore @types/node. by @wjhsf in salesforce/tough-cookie#319

Bump dependencies. by @wjhsf in salesforce/tough-cookie#323

Bump the dev-dependencies group with 6 updates by @dependabot in salesforce/tough-cookie#342

Bump the dev-dependencies group with 1 update by @dependabot in salesforce/tough-cookie#344

Bump the dev-dependencies group with 3 updates by @dependabot in salesforce/tough-cookie#347

docs: use correct memstore file link by @alissonsleal in salesforce/tough-cookie#349

Bump the dev-dependencies group with 3 updates by @dependabot in salesforce/tough-cookie#351

Bump the dev-dependencies group with 2 updates by @dependabot in salesforce/tough-cookie#354

Fix expiry time not updating when cookie is updated by @colincasey in salesforce/tough-cookie#345

Change dependabot to monthly by @wjhsf in salesforce/tough-cookie#355

Bump the dev-dependencies group with 5 updates by @dependabot in salesforce/tough-cookie#358

... (truncated)

Commits

7ed1b8a Merge pull request #451 from salesforce/prepare_v5
cbaa1a5 Prepare v5 release
57b534c 5.0.0
2e6b3f4 Bump eslint from 8.57.0 to 9.9.1 (#449)
b72cdb2 Bump the dev-dependencies group with 2 updates (#448)
93d550b upgrade typescript-eslint to 8.0.1 (#440)
07a7a4d Bump the dev-dependencies group with 6 updates (#444)
9b78073 Bump tldts from 6.1.37 to 6.1.41 in the production-dependencies group (#443)
25a769c Bump the dev-dependencies group across 1 directory with 6 updates (#439)
99dab1b Bump tldts from 6.1.32 to 6.1.37 in the production-dependencies group (#436)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the npm_and_yarn group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [ws](https://github.com/websockets/ws) | `8.18.0` | `8.18.1` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.1.4` | `5.0.0` | | [chromedriver](https://github.com/giggio/node-chromedriver) | `138.0.2` | `138.0.4` | | [nanoid](https://github.com/ai/nanoid) | `3.3.7` | `3.3.8` | | [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.4` | Bumps the npm_and_yarn group with 1 update in the /core/utils directory: [nanoid](https://github.com/ai/nanoid). Bumps the npm_and_yarn group with 2 updates in the /packages/devtool-backend directory: [ws](https://github.com/websockets/ws) and [@types/ws](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/ws). Bumps the npm_and_yarn group with 1 update in the /packages/http-api directory: [tough-cookie](https://github.com/salesforce/tough-cookie). Updates `ws` from 8.18.0 to 8.18.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.18.0...8.18.1) Updates `tough-cookie` from 4.1.4 to 5.0.0 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.1.4...v5.0.0) Updates `chromedriver` from 138.0.2 to 138.0.4 - [Commits](giggio/node-chromedriver@138.0.2...138.0.4) Updates `nanoid` from 3.3.7 to 3.3.8 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.7...3.3.8) Updates `form-data` from 4.0.3 to 4.0.4 - [Release notes](https://github.com/form-data/form-data/releases) - [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md) - [Commits](form-data/form-data@v4.0.3...v4.0.4) Updates `nanoid` from 3.3.7 to 3.3.8 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.7...3.3.8) Updates `ws` from 8.18.0 to 8.18.3 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.18.0...8.18.1) Updates `@types/ws` from 8.5.12 to 8.18.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/ws) Updates `tough-cookie` from 4.1.4 to 5.1.2 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.1.4...v5.0.0) --- updated-dependencies: - dependency-name: ws dependency-version: 8.18.1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-version: 5.0.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: chromedriver dependency-version: 138.0.4 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: nanoid dependency-version: 3.3.8 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: form-data dependency-version: 4.0.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-version: 3.3.8 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: ws dependency-version: 8.18.3 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@types/ws" dependency-version: 8.18.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-version: 5.1.2 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 29, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 4 directories with 6 updates#36

Bump the npm_and_yarn group across 4 directories with 6 updates#36
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-fcff6cd5dc

dependabot bot commented on behalf of github Jul 29, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Jul 29, 2025

8.18.1

Bug fixes

v5.0.0

Summary

Breaking Changes

API Changes

Other Changes

What's Changed

3.3.8

v4.0.4

v4.0.4 - 2025-07-16

Commits

v4.0.4 - 2025-07-16

Commits

3.3.8

8.18.1

Bug fixes

v5.0.0

Summary

Breaking Changes

API Changes

Other Changes

What's Changed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants